OpenStack是IaaS(基礎設施即服務)軟件,讓任何人都可以自行建立和提供雲端運算服務。此外,OpenStack也用作建立防火牆內的「私有雲」(Private Cloud),提供機構或企業內各部門共享資源。 -Wiki 这篇文章主要记录一下openstack计算节点的安装过程
基本配置
1.配置hosts文件使多节点间能相互通讯
/etc/hosts
#控制节点
192.168.1.100 CloudController
#计算节点
192.168.1.101 CloudNova
#网络节点
192.168.1.102 CloudNeutron
2.配置yum源
yum install https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/rdo-release-icehouse-4.noarch.rpm
yum install http://dl.fedoraproject.org/pub/epel/6/x86\_64/epel-release-6-8.noarch.rpm
#安装好openstack的源后要修改源文件里面的baseurl
vim /etc/yum.repo.d/rdorelease.repo
https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-6/
3.安装openstack基本工具 安装openstack基本配置工具和openstackselinux管理工具,更新系统并重启
yum install openstack-utils
yum install openstack-selinux
yum update
reboot
4.配置网络节点内核参数
vim /etc/sysctl.conf
#关闭IP过滤开启转发等
net.ipv4.ip\_forward=1
net.ipv4.conf.all.rp\_filter=0
net.ipv4.conf.default.rp\_filter=0
net.bridge.bridge-nf-call-arptables=1
net.bridge.bridge-nf-call-iptables=1
modprobe bridge
sysctl -p
Neutron节点配置过程 安装neutron组件并为neutron配置keystone认证
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth\_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken auth\_uri http://CloudController:5000
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken auth\_host CloudController
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken auth\_protocol http
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken auth\_port 35357
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken admin\_tenant\_name service
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken admin\_user neutron
openstack-config --set /etc/neutron/neutron.conf keystone\_authtoken admin\_password 123
为neutron配置qpid消息服务器
openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc\_backend neutron.openstack.common.rpc.impl\_qpid
openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid\_hostname CloudController
配置neutron使用ml2网络模式
openstack-config --set /etc/neutron/neutron.conf DEFAULT core\_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service\_plugins router
为实例提供L3虚拟网络
openstack-config --set /etc/neutron/l3\_agent.ini DEFAULT interface\_driver neutron.agent.linux.interface.OVSInterfaceDriver
openstack-config --set /etc/neutron/l3\_agent.ini DEFAULT use\_namespaces True
为实例提供dhcp服务
openstack-config --set /etc/neutron/dhcp\_agent.ini DEFAULT interface\_driver neutron.agent.linux.interface.OVSInterfaceDriver
openstack-config --set /etc/neutron/dhcp\_agent.ini DEFAULT dhcp\_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp\_agent.ini DEFAULT use\_namespaces True
openstack-config --set /etc/neutron/dhcp\_agent.ini DEFAULT dnsmasq\_config\_file /etc/neutron/dnsmasq-neutron.conf
vim /etc/neutron/dnsmasq-neutron.conf
#修改mtu
dhcp-option-force=26,1454
#关闭所有DNSMASQ进程
killall dnsmasq
为neutron配置metadata server
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT auth\_url http://controller:5000/v2.0
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT auth\_region regionOne
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT admin\_tenant\_name service
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT admin\_user neutron
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT admin\_password 123
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT nova\_metadata\_ip controller
openstack-config --set /etc/neutron/metadata\_agent.ini DEFAULT metadata\_proxy\_shared\_secret matadata
service openstack-nova-api restart
配置实例网络为gre桥接模式
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ml2 type\_drivers gre
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ml2 tenant\_network\_types gre
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ml2 mechanism\_drivers openvswitch
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ml2\_type\_gre tunnel\_id\_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ovs local\_ip 192.168.1.102
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ovs tunnel\_type gre
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini ovs enable\_tunneling True
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini securitygroup firewall\_driver neutron.agent.linux.iptables\_firewall.OVSHybridIptablesFirewallDriver
openstack-config --set /etc/neutron/plugins/ml2/ml2\_conf.ini securitygroup enable\_security\_group True
service openvswitch start
chkconfig openvswitch on
配置二层虚拟网络服务
#建立内部虚拟网桥
ovs-vsctl add-br br-int
#建立外部虚拟网桥
ovs-vsctl add-br br-ex
#将外部虚拟网桥桥接到物理接口上
ovs-vsctl add-port br-ex eth0
#建立ML2软连接
ln -s plugins/ml2/ml2\_conf.ini /etc/neutron/plugin.ini
#建立服务进程
cp /etc/init.d/neutron-openvswitch-agent /etc/init.d/neutronopenvswitch-agent.orig
sed -i 's,plugins/openvswitch/ovs\_neutron\_plugin.ini,plugin.ini,g' /etc/init.d/neutron-openvswitch-agent
重启各项服务并加入开机启动
service neutron-openvswitch-agent start
chkconfig neutron-openvswitch-agent on
service neutron-l3-agent start
chkconfig neutron-l3-agent on
service neutron-dhcp-agent start
chkconfig neutron-dhcp-agent on
service neutron-metadata-agent start
chkconfig neutron-metadata-agent on